How do spammers know if you open their e-mails?

Discussion in 'privacy problems' started by HandsOff, Mar 14, 2006.

Thread Status:
Not open for further replies.
  1. HandsOff

    HandsOff Registered Member

    I know it sounds like a stupid question. First of all, I never open spam intentionally. But sometimes I click something by accident, or something, and, from what I have heard, just opening a spam mail is likely to result in a huge increase in the amount of spam that you are sent.

    Well, surely if this is true, it is a behavior that should be controlable. I am in between a rock and a hard place regarding a certain newsletter that I receive. I am interested to see what they have to say, but opening them in the past has corrosponded to spam increases.

    I'll say right now that I am not that interested in complex solutions that will screen my mail for me. Geeze, if I have a hard time doing this, how is some stupid program going do it? I just wonder if this one behavior is something that can be eliminated.

    If the results of this stupid question are encouraging, I have another one all lined up and ready to be asked!

  2. Howard Kaikow

    Howard Kaikow Registered Member

    Use mail filters.

    Do not open such messages while connected to the internet.
  3. eyes-open

    eyes-open Registered Member

    Here's a very readable explanation of the way e-mail can be exploited.

    How HTML Email Messages Relate to Unsolicited Commercial Email ("spam")

    It's a Mac link - but it gives an overview of the problem. You will have to look to your particular E-mail client to discover how to set your options for viewing e-mails.

    Some Newsletter providers offer a plain-text option - so you could spend a minute or 2 checking that out.

  4. Notok

    Notok Registered Member

    They way they normally do this is by linking an image in the email that gets loaded from their website when you view the image, usually from a database so they can put a code in the URL that identifies you (sometimes this is noticible because the image inside the message loads slower than other parts of the message). Another way is by getting "read receipts", which makes your email client send an email back to them informing the sender that you've read the message (this is a legitimate function often used for important messages, often within businesses so an employee can't say they didn't get that memo).

    There's a few ways around these. The easiest is just to view all email in plain text. This is the safest way to go for a lot of reasons, not the least of which is that it stops malware from being able to automatically start, but also for things just like this. If you use an email program to download your email, you can also get a program like Firetrust Benign or Email Sentinel that will filter out images that load from the internet. These programs also filter out scripts and other things, which makes HTML mail safe to view. I personally use PocoMail for my email client, it has all this functionaltiy built in, which you can toggle on and off as you're reading the email, so that if you have an email that you know to be legitimate that gets "broken" by the HTML sanitizing, you can temporarily disable it. PocoMail will also simply disregard read receipts. You'll want to go through your email program's settings and set it to at least ask you if you want to respond to read receipts. If you're using web mail, you'll just have to go through the options to see what they offer, every web mail system is going to be different.
  5. HandsOff

    HandsOff Registered Member

    Hi, and thanks for the suggestions, but still, what I am getting at is that some sort of receipt must be being sent. (Don't think that the irony of a receipt being sent to someone that has sent me mail which cannot be responded to is missed, by the way). Surely, there is some generic way to block the sending of receipts. Perhaps a firewall rule, or something of that nature? I know that my ISP is obviously going to have fairly all-encompassing priveledges on the internet, however, perhaps a receipt is recognizeable and can be screened? It just seems as though one should not be forced to send anything. I could be oversimplifying.

    I have to admit that it never occured to me that opening a message off line would have less consequences. I mean, if this activity is basically happening behind my back, how would I know if the receipt was not simply stored and sent next time I log on? I'm not questioning that it doesn't help, just stating that I would, of course, like to be in a little more direct control of the situation. And I am not guessing that my ISP is going to provide it. Nope, I am guessing that we are in security applications country in this.

  6. HandsOff

    HandsOff Registered Member

    Hi Notok-

    Your response came while I was making my response, so I did not read it (dispite the appearance) when I last posted.

    I have to respectfully disagree that receipts are legitimate. Any action that is initiated by my computer that is counter to my wishes is surely not legitimate. At any rate, you mention employers, and ironically, that is the one venue were the e-mail has been managed in a way I find legitimate. There you will sometimes get the message "return receipt requested" as you alluded to. I have always found the request rather pompous and annoying, and yet I have to admit that when you are diseminating information that you consider important, it is nice to know that it has been...well, opened, anyways. Not surprisingly the most idiotic and trivial of messages would come with this request. I always did return them, though. As I said, it is reasonable when the request is coming from someone you know and there is a perceived need. My isp sending receipts to annonymous spammers is nothing but treacherous back stabbing!

    Okay, that minor point aside...there seemed to be an answer at hand! Until I read the part about e-mail being web-based. I imagine comcast must be. Isn't practically all e-mail web based these days? I guess when it comes to email, web based takes a lot of control out of your hands. I don't have any good alternatives to comcast, so I will just have to suffer.

    Thanks for clarifying the issue!

  7. Rmus

    Rmus Exploit Analyst

    I've always used a plain-text newsreader/email program. Any HTML emails show up as an attachment which I open in the browser to view if I choose (only three newsletters). Otherwise, nothing happens, and of course, no code or script is auto-run. So, I can't see that any receipt will be auto-sent viewing in this way. And, as you mention, viewing off-line would prevent it anyway.

    As far as "complex solutions" you refer to regarding spam, email filters are not difficult to learn to use. Once set up, they are pretty reliable. One of my accounts that I use solely for the internet receives 30-40 spam messages/day that I never see - they are filtered to the trash bin.

    You can also get spam-filter programs, but a good email program will provide this feature built-in.

    I certainly hope not!

  8. HandsOff

    HandsOff Registered Member

    Well my experience is limited, as is my knowlege of email, but, basically, if you can access your email from another computer, then your email is web based, correct? I think all of my ISP's (all three) have been web based. I'm vaugly aware that there is another kind, but I'm not sure it is such a better way to go.
    I need the cable connection, however, so for me there is only one provider available, so its academic...though it would be interesting...(* he deftly queries a sophiscated search routine *)...well the "misinterpret your simple straighforward question for an inquirery about some thinly related product or service to be crammed down your thoat" search engines returned some very loosely research figures claiming that 64-85 percent of email is web based. But maybe someone closer to the source can confirm or deny this. recap:

    - I have little if any control over receipts.
    - Search engines are controlled by greedy pigs.

    While on the surface I may appear at times to be a bit of a cynic, the reality is just the opposite. I'm an optimist. I am certain that one day one of my cynical assessments will turn out to be wrong! index finger needs the exercise, so I'll just keep on deleting.

  9. Paranoid2000

    Paranoid2000 Registered Member

    Another option is to use your firewall to block any http (port 80) access by your email software - this will prevent the downloading of any web bugs (and will also block any images included in legitmate email).

    The only case where this can't be used is where your email client is built into your browser (e.g. Opera with its M2 email client) - blocking http access here would prevent you from viewing web pages altogether.

    As an aside, "read receipts" in email will virtually never be used by spammers since the return addresses they use are almost always forged (and any decent email program will give you the option of actually sending one anyway).

    Be aware also that some spammers use unique links in their email so just clicking on them to check their site may confirm receipt (the URLs will either include a parameter at the end like or have a long character string at the start like Reporting such spam to services like SpamCop may also therefore confirm your address as live. However if you do start receiving increasing quantities of spam for a website despite complaining, then using a tool like SpamVampire (Google for it) may be the most appropriate response - but be sure that you are comfortable with the ethics of using it and, if so, reserve it for the most persistent offenders.
  10. StevieO

    StevieO Registered Member

    Blocking ALL web bugs is very easy with this nice App.

    Desktop Armor

    Helps prevent Phishing too and has lots of other security features and tools built in. I've been using it for several years with excellent results. Wouldn't be without it.

  11. Rmus

    Rmus Exploit Analyst

    Not necessarily. My ISP has local phone numbers that can be dialed from anywhere in the state. So, when away, I could theoretically set up a POP account on a friend's computer and read my email in that computer's email program. But it would be more convenient just to connect to the internet and read my email on my ISP's web mail server, and then download the emails to my own computer using my POP account upon returning home.

    In my area, two people I know who have cable, also subscribe to our local ISP just so they can have a POP email account. More expensive, yes, but for them, not having to use web mail is important.

    Some DSL companies offer POP email.

  12. Slovak

    Slovak Registered Member

    +1 Pegasus mail is awsome for this, it displays no images by default for that very reason of viruses, spammers, etc.
  13. Eldar

    Eldar Registered Member

    My email client, Barca Pro, is set to not show images, but with a single click it downloads these images for any message I want. :cool:

    Further more my In, Junk & Trash folder are sanitized by an Event OnDisplay, so the messages are safe from webbugs or images reporting back to the spammer.
    Only the message display for that folder is changed, not the original messages. :D

    Also no scripts or code can be executed by default. :D
    It also uses it's own rendering engine.

    Spammers, viruses, scripts don't stand a chance here. :D
  14. Howard Kaikow

    Howard Kaikow Registered Member

    Also Thunderbird.
  15. Franklin

    Franklin Registered Member

  16. hollywoodpc

    hollywoodpc Registered Member

    I agree but , I also use Pocomail and it does wonderfully !
  17. ErikAlbert

    ErikAlbert Registered Member

    I got rid of most of my spam-emails in a very unusual way.
    I was disconnected from the internet during a period of 14 days, while I was moving to my new apartment.
    In stead of receiving 50 upto 100 spam-emails a day, I receive now about 5 spam-emails a day.
    I still can't get used to it, my inbox is quite empty nowadays.
  18. Slovak

    Slovak Registered Member

    Thunderbird shows all images by default, at least the last time I used it it did o_O
  19. Howard Kaikow

    Howard Kaikow Registered Member

    i do not recall the default.
    the default can be overriden.
  20. TNT

    TNT Registered Member

    By default it doesn't show images loaded from remote sites, only images sent as attachments. Since only the images loaded from remote sites can be used to track whether someone opened the e-mail message or not, Thunderbird does "protect".
  21. Slovak

    Slovak Registered Member

    I guess I stand corrected then :)
  22. Devil's Advocate

    Devil's Advocate Registered Member

    I'm still wary about opening emails in TB in html mode, I know it blocks loading of images from remote sites, I'm not certain yet if it blocks other externally linked stuff like css files? I seem to recall reading a while ago on Mozillazine that someone claim it didn't.

    Of course you could also do the old firewalling email client trick, but I just open everything in txt mode to be safe.

    if you really want to see html mail, The best I think would be to use something like pegasus mail and poco mail, with their own html interpreters/viewers so they don't rely on IE or firefox at all to display html mail. Since they are dumb by design, they don't have javascript,java don't access the net to download stuff etc build in at all, you are almost 100% safe as compared to using a full blown browser, and trying to block some functions.

    Somewhat less reliable i think is to rely on some filter proxy that tries to indentify and snip away/rewrite portions that might compromise privacy when displayed as html mail. It's not likely mind you, but it's still possible that with clever html/css, a remotely loaded object could be missed by the filters that are meant to netuer it.

    But as i said , safest is probably read everything in txt mode, no way you can be hurt by web-bugs then.
  23. Howard Kaikow

    Howard Kaikow Registered Member

    Well, you should be filtering mail, in THunderbird itself, and if a mechanism that you can control exists at your ISP, also at your ISP. Last I checked, I was killing hundreds of messages per day at my ISP.

    Then for additional saefty, do NOT read mail while connected to the internet, AND, most importantly, do not needlessly open attachements. Even your friends/clients may inadvertently send you a virus.
  24. Eldar

    Eldar Registered Member

    I'm always connected to the internet, so I do read my mail at the same time. Not very practical IMO. o_O
    Even at my work we're always connected and I do open every mail too, unless I recognize it as spam or it has been flagged by the antivirus (attachments removed) :)
    Agreed, don't open attachment and if from your friends/clients scan it first prior to opening it. :thumb:
  25. Howard Kaikow

    Howard Kaikow Registered Member

    Unplug the modem or router or ..., I would not do this, but it can be dome.
Thread Status:
Not open for further replies.